예제 #1
0
def login_attempts(request):
    """
    Track number of login attempts made by a specific IP within
    a specified amount of time
    """
    ip, username = check_lockout(request)
    attempts_key = safe_key("{}{}-{}".format(LOGIN_ATTEMPTS, ip, username))
    attempts = cache.get(attempts_key)

    if attempts:
        cache.incr(attempts_key)
        attempts = cache.get(attempts_key)
        if attempts >= getattr(settings, "MAX_LOGIN_ATTEMPTS", 10):
            lockout_key = safe_key("{}{}-{}".format(LOCKOUT_IP, ip, username))
            lockout = cache.get(lockout_key)
            if not lockout:
                send_lockout_email(username, ip)
                cache.set(
                    lockout_key,
                    datetime.now().strftime("%Y-%m-%dT%H:%M:%S"),
                    getattr(settings, "LOCKOUT_TIME", 1800),
                )
            check_lockout(request)
            return attempts
        return attempts

    cache.set(attempts_key, 1)

    return cache.get(attempts_key)
예제 #2
0
def change_password_attempts(request):
    """Track number of login attempts made by user within a specified amount
     of time"""
    username = request.user.username
    password_attempts = '{}{}'.format(CHANGE_PASSWORD_ATTEMPTS, username)
    attempts = cache.get(password_attempts)

    if attempts:
        cache.incr(password_attempts)
        attempts = cache.get(password_attempts)
        if attempts >= MAX_CHANGE_PASSWORD_ATTEMPTS:
            cache.set('{}{}'.format(LOCKOUT_CHANGE_PASSWORD_USER, username),
                      datetime.datetime.now().strftime('%Y-%m-%dT%H:%M:%S'),
                      LOCKOUT_TIME)
            if check_user_lockout(request):
                return check_user_lockout(request)

        return attempts

    cache.set(password_attempts, 1)

    return 1